Re: mysql syntax problem
On Wed, Oct 02, 2002 at 09:06:16AM +0100, [EMAIL PROTECTED] wrote: when i query a mysql db within a perl script this works fine... $sth = $dbh-prepare (SELECT venue from base1 WHERE op = 'K Trevan'); this doesn't.. $sth = $dbh-prepare (SELECT venue from base1 WHERE op = 'K O'Trevan'); i know the issue is 'K O'Trevan' in that the 2nd ' completes i just don't know how to resolve it - other than changing 'K O'Trevan' to 'K O Trevan' Use placeholders: $sth = $dbh-prepare(SELECT venue FROM base1 WHERE op = ?); $sth-execute(K O'Trevan); This is a little silly with literal values, as you can easily escape them manually. It works much better with data you get from sources that won't escape it, such as user input. Read about placeholders in perldoc DBI. As for manually escaping your values, that's an SQL question, and you should read the documentation on your database for information on that. Michael -- Administrator www.shoebox.net Programmer, System Administrator www.gallanttech.com -- -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: mysql syntax problem
Michael Excellent - read DBI/placeholder thanks Michael Fowler michael@shoebox To: [EMAIL PROTECTED] .netcc: [EMAIL PROTECTED] Subject: Re: mysql syntax problem 10/02/02 09:33 AM On Wed, Oct 02, 2002 at 09:06:16AM +0100, [EMAIL PROTECTED] wrote: when i query a mysql db within a perl script this works fine... $sth = $dbh-prepare (SELECT venue from base1 WHERE op = 'K Trevan'); this doesn't.. $sth = $dbh-prepare (SELECT venue from base1 WHERE op = 'K O'Trevan'); i know the issue is 'K O'Trevan' in that the 2nd ' completes i just don't know how to resolve it - other than changing 'K O'Trevan' to 'K O Trevan' Use placeholders: $sth = $dbh-prepare(SELECT venue FROM base1 WHERE op = ?); $sth-execute(K O'Trevan); This is a little silly with literal values, as you can easily escape them manually. It works much better with data you get from sources that won't escape it, such as user input. Read about placeholders in perldoc DBI. As for manually escaping your values, that's an SQL question, and you should read the documentation on your database for information on that. Michael -- Administrator www.shoebox.net Programmer, System Administrator www.gallanttech.com -- -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: mysql syntax problem
Use placeholders: Could you also use quote() for this? Ain't no blood in my body, it's liquid soul in my veins ~Roots Manuva -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: mysql syntax problem
On Wed, Oct 02, 2002 at 09:25:43AM -0700, nkuipers wrote: Could you also use quote() for this? Yes, $dbh-quote() can also be used for quoting strings. I generally don't suggest it because it's more awkward and makes for less readable code than placeholders. Michael -- Administrator www.shoebox.net Programmer, System Administrator www.gallanttech.com -- -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
